User Guide
OmniAccess SafeGuard OS Administration Guide
241
Chapter 6: Configuring Authentication and Role Derivation
match class.name rule-op value
Syntax Description class.name Name of the attribute based on the
authentication type. See the following list of
attributes by class:
■ System attribute are shown in System
Attributes for Attribute Rules on page 241.
■ DHCP attributes are shown in DHCP Attributes
for Attribute Rules on page 243.
rule-op Each attribute type can support one or more
rule comparator operations depending the
class.name. The comparator operators are
defined as:
■ exists – The attribute exists in the
authentication event
■ equals – The attribute value matches the
user-supplied rule value
■ contains – The attribute value contains the
user-supplied rule value
■ contained-by – The attribute is completely
contained by the rule value
■ less-than – The numeric value is converted
and compared to see if it is less than the
value in the mapping table
■ greater-than – The numeric value is
converted and compared to see if it is more
than the value in the mapping table
■ not – Inverts the match criteria
value Value can have one or more items listed as
entries. Multiple entries are listed and separated
by commas. String values are not case sensitive.
Table 18 System Attributes for Attribute Rules
Attribute Description
system.domainName Match rule based on value of domain name. Supported
operations for this attribute are:
■ contains
■ equals
■ not
system.mapType Match rule based on mapping type used. Supported
operations for this attribute are:
■ equals
■ not